…), docs Fix real bugs and reconcile the documented surface with what the extension actually exposes: - Wire agent.browser.navigate and agent.browser.fetch handlers in web-agents-api (both were exposed by injected.ts but unhandled, so calls threw ERR_INTERNAL). fetch is http(s)-only, strips cookies, and blocks RFC1918/localhost/.local to prevent SSRF via the extension. - Add a synchronous window.agent.capabilities() so callers can feature-detect apiVersion, feature flags, surfaces, and scopes without try/catching ERR_FEATURE_DISABLED. - Reconcile PermissionScope union across types.ts and injected.ts: add model:tools, mcp:servers.register, web:fetch, chat:open, agents:discover, agents:message. Expand ErrorCodes table to match handlers. - Gate the loud console.log noise in injected.ts behind a debug flag, opt in via localStorage, <meta>, or window.__webAgentsApiDebug. - Bump API_VERSION to 1.4.0 (also exposed via capabilities() and agent-ready).…